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AMENDMENTS TO THE CLAIMS 

Please amend the claims as indicated below. 

1. (Currently Amended) In a personal computer having encryption hardware 
and a processor, a method of storing data on one or more magnetic or optical data 
storage media in an encrypted form comprising: 

storing an identification code in a non-erasable memory during 
manufacture of the personal computer, wherein said identification code is 
defined at least in part by information associated with components of said 
personal computer; 

retrieving the identification code from the non-erasable memory in said 
personal computer; 

receiving user input; 

generating a cryptographic key derived at least in part from said 
identification code and the received user input; 

retrieving a checksum from a configuration register in a bus-to-bus bridge 
in the personal computer, the bus-to-bus bridge storing information identifying 
which of the one or more magnetic or optical data storage media is selected to 
receive encrypted data; 

verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated crvptoaraphic key; 

retrieving information from a memory location; 

disabling encryption of data routed to one of the one or more magnetic or 
optical data storage media in response to said retrieved information; 

encrypting and decrypting data based on the disabling step , for storage on 
and retrieval from one of sai 4the one or more magnetic or optical data storage 
media using the sai ^the generated cryptographic key, wherein the data is 
transmitted by the processor and is encrypted in the personal computer by the 
encryption hardware; and 

rotr i ov i ng i nformation from a memory l ocat i on; and 

d i sab li ng e ncrypt i on of data rout e d to on e of m e d i a i n rosponse to sa i d 
retr ie v e d i nformat i on. 
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storing the data in the one or more magnetic or optical data storage media 
either in encrypted form or non-encrypted form based on the disabling step. 

2. (Canceled) 

3. (Currently Amended) The method of Claim 1, wherein said retrieving the 
identification code is performed without intervention by a host processor. 

4. (Currently Amended) The method of Claim 3, add i t i ona ll y compr i s i ng 
v e rify i ng said k e y, wherein said verifying occurs without intervention of said host 
processor. 

5. (Currently Amended) A method of making a computer comprising: 
storing a hardware identifier in a non-erasable memory integrated circuit 

at the time of manufacture of thesaid computer, wherein the hardware identifier 
is defined at least in part by information associated with components of said 
compute r, tho bus to bus br i dge stor i ng i nformation i dent i fy i ng which data 
storage med i a i s s el ect e d to r e c ei v e e ncrypted data ; 

installing said non-erasable memory integrated circuit into said computer; 

providing a data path to the data storage media; 

providing a configuration register in a bus-to-bus bridge for storing a 
checksum , the bus-to-bus bridge storing information identifying which data 
storage media is selected to receive encn/pted data ; 

coupling a logic circuit comprising an encryption engine to said data path; 

and 

connecting said non-erasable memory integrated circuit to said logic 
circuit, wherein the hardware identifier and a user input is used by the encrypting 
engine for encrypting data that is transmitted to the data storage media and for 
decrypting data that is retrieved from the data storage media, wherein the 
encryption engine verifies the generated cryptographic key using the checksum, 
and wherein the encryption engine is configured to disable encryption of data 
routed to the data storage media in response to information retrieved from a 
storage location. 
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6. (Currently Amended) The method of Claim 5, wherein said act of 
connecting comprises routing a serial data bus from said non-erasable memory 
integrated circuit to said logic circuit. 

7. (Currently Amended) In a computer system comprising a processor and 
encryption hardware and at least one data storage device, a method of data storage 
comprising: 

receiving user input; 

transmitting data from the processor in the computer system to the 
encryption hardware in the computer system; and 

generating a cryptographic key derived at least in part from the received 
user input and information that is stored in a non-erasable memory in said 
computer system during manufacture of said computer system; 

retrieving a checksum from a configuration register in a bus-to-bus bridge 
in the said computer system, the bus-to-bus bridge register storing information 
identifying which storage device is selected to receive encrypted data; 

verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated key; 

retrieving information from a memory location; 

disabling encn/ption of data routed to said selected data storage device in 
response to said retrieved information; 

encrypting and decrypting, in the encryption hardware, user generated 
data with an encryption process that uses the generated cryptographic ke y, the 
encrypting and decrypting being based on the disabling step ; 

rotriov i ng information from a memory locat i on; and 

disab li ng encryption of data routed to said data storage dov i co i n 
rosponso to sa i d retr ie ved i nformat i on. 

storing the data in the at least one storage device either in encrypted form 
or non-encn/pted form based on the disabling step. 

8. (Previously Presented) The method of Claim 7, wherein said information 
is permanently associated with said host computing logic. 
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9. (Previously Presented) The method of Claim 7, wherein said information 
comprises a multi-bit identification code. 

10. (Currently Amended) The method of Claim 9. additionally comprising the 
act of deriving an encryption key at least in part from said multi-bit identification code. 

11. (Canceled) 

12. (Previously Presented) The method of Claim 7, additionally comprising 
defining said encryption process at least in part from user input to said computer 
system. 

13. (Currently Amended) The method of Claim 1, wherein encrypting data for 
storage is performed on an encrypting device that is positioned in a data path between 
a central processing unit and the data storag e m e d i um one of the one or more magnetic 
or optical data storage media . 

14. (Currently Amended) The method of Claim 1, wherein all data that is 
transmitted to the one or more magnetic or optical data otorago data storage media is 
encrypted. 

15. (Currently Amended) In a personal computer having encryption hardware 
and a processor, a method of storing data on one or more magnetic or optical data 
storage media in an encrypted form comprising: 

storing an identification code in a non-erasable memory during 
manufacture of the personal computer, wherein said identification code is 
defined at least in part by information associated with components of said 
personal computer; 

retrieving the identification code from the non-erasable memory in said 
personal computer; 

receiving user input; 

generating a cryptographic key derived at least in part from said 
identification code and the received user input; 

retrieving a checksum from a configuration register in a bus-to-bus bridge 
circuit in tl=^e said personal computer, the bus-to-bus bridge circuit storing 
information identifying which of said one or more magnetic or optical storage 
media is selected to receive encrypted data; 
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verifying the generated cryptographic key, wherein verifying comprises 
determining a checksum of the generated key; 

retrieving information from a memory location: 

disabling encryption of data routed to one of said storage media in 
response to said retrieved information; 

encrypting and decrypting data based on the disabling step, for storage on 
and retrieval from one of said one or more magnetic or optical data storage 
media using said cryptographic key, wherein the data is transmitted by the 
processor and is encrypted in the personal computer by the encryption 
hardware, and wherein the encryption hardware is part of the bus-to-bus bridge 
circuit; and 

rotr i ov i ng informat i on from a momory l ocat i on; and 

d i sab li ng encrypt i on of data routed to on e of sa i d storage m e dia in 
r e spons e to sa i d r e tr ie v e d i nformat i on. 

storing the data in one or more magnetic or optical data storage media in 
either encrypted form or non-encrypted form based on the disabling step. 

16. (Canceled) 

17. (Currently Amended) The method of Claim 15, wherein said retrieving the 
identification code is performed without intervention by a host processor. 

18. (Currently Amended) The method of Claim 17, additiona ll y compris i ng 
ver i fy i ng sa i d k e y, wherein said verifying occurs without intervention of said host 
processor. 



